Remarks/Arguments

This Amendment and Response is considered fully responsive to the Office action mailed 
December 28, 2007. Claims 1-77 are pending in the application. Claims 1-77 stand rejected. 
Claims 57 and 58-62 have been amended herein. No claims have been canceled. No new claims 
have been added. Reexamination and reconsideration are respectfully requested. Furthermore, 
the Applicants respectfully request reconsideration and withdrawal of the finality of the Office 
Action. 

Claim Objections 

The Applicants acknowledge that the prior objection to claim 51 has been withdrawn by
the Examiner in view of the prior amendments to claim 51.

Drawings 

The Applicants acknowledge that the prior objections to the drawings have been 
withdrawn by the Examiner in view of the prior amendments to the drawings. 

Rejections Under 35 U.S.C. §101

The Applicants acknowledge that the prior 35 U.S.C. §101 rejections to claims 29-56 
and 68-72 have been withdrawn by the Examiner in view of the prior amendments to claims 29- 
56 and 68-72. The Applicants note that the introductory sentence to the Section 101 rejection 
still refers to claims 29-56 and 68-72, but it appears that this statement is merely a typographical
error and that a new Section 101 rejection has been asserted against claims 57-62. If the 
Undersigned's interpretation of the Section 101 rejection is incorrect, the Office is requested to 
call the Undersigned so that he can supplement this response. 

Claims 57-62 stand rejected under 35 U.S.C. §101 because the claimed invention is 
purportedly directed to non-statutory subject matter. As an initial matter, the Applicants 
respectfully assert that the finality of the rejection is premature. According to MPEP 706.07(a) 
(emphasis added): 

Under present practice, second or any subsequent actions on the merits 
shall be final, except where the examiner introduces a new ground of rejection 
that is neither necessitated by applicant's amendment of the claims, nor based on
information submitted in an information disclosure statement filed during the
period set forth in 37 CFR 1.97(c) with the fee set forth in 37 CFR 1.17(p).

The Applicants point out that the Office has introduced a new ground of rejection under 
Section 101 of claims 57-62, which were neither rejected under Section 101 in the first non-final 
Office Action, issued 2/28/2007, nor amended by the Applicants in the response to the first non- 
final Office Action, filed 8/27/2007. Furthermore, no information disclosure statement was filed 
during the period set forth in MPEP 706.07(a). Accordingly, the new ground of rejection was 
not necessitated by applicants' amendment of the claims or by submission of an information 
disclosure statement. For the foregoing reasons, the Applicants request reconsideration and 
withdrawal of the finality of the rejection of the Office Action issued 12/28/07. 

Without acquiescing to the propriety of the Section 101 rejection of claims 57-62, the 
Applicants have amended claim 57 to recite a processing unit and have amended claims 57, 59- 
62 to recite either a call graph generator (claim 57) and/or a call graph analyzer (claims 59-62) as 
executing on the processing unit. The Applicant believes that the amendment overcomes the 
Office's Section 101 rejection of claims 57-62. As such, withdrawal of the rejection of 
claims 57-62 under 35 U.S.C. §101 is respectfully requested. 

Rejections Under 35 U.S.C. §112 

The Applicants acknowledge that the prior rejection under 35 U.S.C. §112, second 
paragraph, has been withdrawn by the Examiner in view of the prior amendments to claim 51.

Response to Arguments 

The Applicants acknowledge the Office's response to Applicants' Arguments submitted 
in the response to the first non-final Office Action, filed 8/27/07. The Applicants respectfully 
assert that the Office has failed to establish a prima facie case for rejection under either 
Section 102 or Section 103, despite the additional arguments provided by the Office in this 
section of the Office Action. 

Generally, the primary cited reference, Rioux, teaches building a control flow model 
approximated from control flow graphs derived from program source code. The control flow 
model can be analyzed to identify software flaws, security vulnerability, and performance issues. 
In contrast, the present application relates to generating a call graph of call paths through input 
component code based on a simulation involving a runtime security policy, which resides in the
context of rights, load-time security checks, and permissions. Reiterating a main theme of the
Applicants' response to first Office Action, which has not been effectively rebutted by the 
Office's response to the Applicants' initial arguments, Rioux has nothing to do with rights, load- 
time security checks, or permissions and therefore fails to disclose or suggest the use of a 
runtime security policy. Rioux addresses identification of operation errors in the code to identify 
"software flaws, security vulnerability, and performance issues" and makes no reference to and 
shows no interest in rights or runtime security policies. 

In Subsection A, the Office responds to Applicants' argument that Rioux fails to disclose 
"receiving a runtime security policy". The Office cites a portion of the Applicants' specification 
in which a runtime security policy is referenced in one implementation of the described 
technology: "The rights attached to every piece of code are made explicitly (e.g., according to 
the origin of the code and evidence attached to the code). This assignment of rights to code and 
various security checks performed as the code is loaded are referred to as the 'runtime security
policy'" (page 6, lines 16-20). In fact, there are many references to a runtime security policy in
the specification, most providing some characterization of the term in the context of rights, load- 
time security checks, and permissions. The Applicants respectfully submit that the term 
"runtime security policy" should be interpreted based on its known usage in the art and the 
specification as a whole, not based on a single description of "one implementation" from the 
specification. 

Although the Applicants do not acquiesce to the Office's apparent attempt to interpret the 
term based upon the cited description alone, the Applicants respectfully assert that the reference 
does not disclose even the characteristics identified in the cited language of the specification - 
"assignment of rights to code" or any relationship with "rights". The Office cites two portions of 
Rioux in support of its response, and the Applicants respond to each of the Office's citations to 
Rioux below: 

1. "the loader and unlinker read ('load') the target executable code into member
(receiving a runtime security policy) and unlink the various segments of code. . ."
(Rioux, col. 3, lines 66-67, emphasis and annotation provided by the Office) -
The Applicants strenuously point out that the cited language describes loading
executable code, not receiving a runtime security policy. There is no disclosure
or suggestion of an assignment of rights. Importantly, there is not even a
disclosure or suggestion of any dependence or relationship to "rights". In
addition, the language does not disclose or suggest load-time security checks or 
permissions in association with the loading of target executable code. 
2. "Intermediate representations of modeled executable coed (sic) can thus be 
scanned or analyzed for flaws or conditions, especially including security 
holes, buffer structure flaws exploitable via 'buffer overflow' attack, and other
known and unknown risk factors. Such use is of great interest in the software 
arts today as a means of certifying software as trusted and/or determining 
whether software is safe to operate in mission-critical applications, for example." 
(Rioux, col 11, lines 3-11, emphasis provided by the Office) - The Applicants 
point out that neither the cited language nor any other aspect of Rioux relates 
security to any "rights", load-time security checks, or permissions. Instead, as 
argued in the Applicants' response to first Office Action, Rioux is concerned only 
with identifying operational flaws in the executable code that may result in 
security "holes" caused by the software errors - this bears no relation to use of a 
runtime security policy.

The Applicants respectfully reassert the arguments from the response to first Office
Action. The Office's response to those arguments does not establish or support a prima facie 
case for rejection in that Rioux does not teach receipt of a runtime security policy and does not 
teach any characteristic of security relating to "rights". (The term "right" does not appear 
anywhere in Rioux, other than the copyright notice, and further, the concept of "rights" is not
disclosed or suggested in Rioux.) Simply put, the "security concerns" of Rioux are not based on 
rights or a runtime security policy, and the Office has provided no support for a reasonable 
interpretation to the contrary. 

In Subsection B, the Office is responding to Applicants' argument that Rioux fails to 
disclose "generating a call graph of call paths through the input component code simulated in 
combination with at least one symbolic component representing additional arbitrary code that 
complies with the runtime security policy". The Office cites several portions of Rioux in support 
of its response. The Office highlights language from Rioux, col. 10, lines 56-67 stating "the 
model can be easily analyzed for software flaws, security vulnerability, and performance issues", 
but this language does not disclose or suggest a runtime security policy or simulation of input 
component code in combination with a symbolic component that represents arbitrary code that
complies with the runtime security policy. Rather than itemizing each of the Office's citations,
the Applicants assert that none of these cited portions of Rioux make any disclosure or
suggestion of a runtime security policy or rights. Further, the only code referenced in this cited
language is the executable code and the original source code - there is no disclosure or
suggestion of arbitrary symbolic component that complies with the runtime security policy or
simulation of input component code in combination with such a symbolic component. The
Applicants respectfully reassert the arguments from the response to first Office Action. The 
Office's response to those arguments does not establish or support a prima facie case for 
rejection in that Rioux does not teach "generating a call graph of call paths through the input 
component code simulated in combination with at least one symbolic component representing 
additional arbitrary code that complies with the runtime security policy". 

In Subsection C, the Office is responding to Applicants' argument that Berg fails to 
disclose "call paths through the input component code simulated in combination with at least one 
symbolic component representing additional arbitrary code that complies with the runtime 
security policy". Despite the Office's reference to its response in Subsection B, the Applicants 
reiterate their arguments from the first response as well as the arguments with regard to 
Subsection B - both Rioux and Berg fail to disclose a "runtime security policy", an arbitrary 
symbolic component that complies with the runtime security policy and simulation of input 
component code in combination with such a symbolic component. 

In Subsection D, the Office is responding to Applicants' arguments that neither Rioux nor 
Berg discloses "identifying a subset of the call paths in the call graph that satisfy the query." 
The Office cites several statements in Rioux and Berg in support of its position that the 
"identifying" operation is disclosed or suggested in one or both of the references. However, 
none of the cited statements actually support the Office's position. 

The Office first cites a statement in Rioux (col. 6, lines 56-60), which includes the 
language "a first, fitting control flow model is approximated from control flow graphs. . .", as 
disclosing "a subset", apparently of call paths in a call graph. However, the cited language in 
Rioux only discloses approximating a control flow model based on control flow graphs - no 
subsets of call paths are disclosed or even suggested by this language, particularly a subset of 
call paths in a call graph that satisfy a query. 

The Office cites other statements in Rioux, but none of these statements disclose or
suggest the recited "identifying" operation - there are no subsets of call paths disclosed, 
particularly those that satisfy a query. The cited language includes statements about scanning or 
analyzing (no queries are disclosed), intermediate representation of modeled executable code, 
risk factors, certifying software as trusted, etc., but none of these statements have any relevance 
to the recited "identifying" operation. 

In summary, the Applicants respectfully assert that the Office's response to Applicants'
arguments in the response to the first Office Action is not on point with the Applicants' written
positions and therefore does not rebut the Applicants' arguments. To date, the Office has not
shown in Rioux or Berg a runtime security policy, a generation of a call graph of call graphs 
based on simulation of input code or a symbolic component representing arbitrary code that 
complies with the runtime security policy. 

Rejections Under 35 U.S.C. §102

Claims 1-4, 27-32, and 55-58 stand rejected under 35 U.S.C. §102(e) as being 
purportedly anticipated by U.S. Patent No. 7,051,322 to Rioux. The rejection is respectfully 
traversed. 

The Applicants reiterate the arguments from the response to the first non-final Office 
Action, incorporating those arguments by reference, and supplement these arguments with the 
arguments in the previous section relating to the Office's response to Applicants' arguments. 

In summary of those combined arguments, Rioux fails to disclose or suggest recited 
features of claims 1, 29, and 57, including receipt or use of a "runtime security policy," which 
resides in the context of "rights", load-time security checks, and permissions and is a well known 
term of art in software. Instead, Rioux discloses analyzing call paths derived from source code 
to detect operational defects of the source code that can result in software flaws, security 
vulnerability, and performance issues but fails to disclose or suggest any receipt or use of a 
runtime security policy. 

Furthermore, although Rioux discloses generating control flow graphs through source 
code and analyzing these graphs based on a control flow model, Rioux fails to disclose 
generating a call graph of call paths through input component code simulated in combination 
with at least one symbolic component representing additional arbitrary code that complies with 
the runtime security policy. Rioux does not contemplate a runtime security policy, access rights, 
permissions, load-time security checks, or simulation of the source code in combination with a
security policy-compliant symbolic component. 

The Office has added some new text to its Section 102 rejection language, which has 
been taken almost entirely from the Office's response to Applicant's arguments. As such, this
new text in the Section 102 rejection has been fully addressed in the previous section of this
response. Accordingly, Applicants assert that Rioux fails to anticipate or make obvious the 
invention of claims 1, 29, and 57. Allowance of claims 1, 29, and 57 is respectfully requested. 

Claims 2-4, 27, and 28 depend from claim 1, claims 30-32, 55, and 56 depend from 
claim 29, and claim 58 depends from claim 57. Claims 1, 29, and 57 are believed to be 
allowable based on the foregoing arguments. Accordingly, claims 2-4, 27, 28, 30-32, 55, 56, and 
58 are believed to be allowable for at least the same reasons as their base claims. Therefore, 
allowance of claims 2-4, 27, 28, 30-32, 55, 56, and 58 is respectfully requested. 

Rejections Under 35 U.S.C. §103(a) 

Claims 5-26, 33-54 and 59-77 stand rejected under 35 U.S.C. § 103(a) as being 
purportedly unpatentable over Rioux in view of U.S. Patent Application 2005/0010806 A1 to
Berg, et al. ("Berg"). The Applicants respectfully traverse the rejections. 

Claims 5-26 depend from claim 1, claims 33-54 depend from claim 29, and claims 59-62 
depend from claim 57. Claims 1, 29, and 57 are believed to be allowable based on the foregoing 
arguments. Accordingly, claims 5-26, 33-54, and 59-62 are believed to be allowable for at least 
the same reasons as their base claims. Therefore, allowance of claims 5-26, 33-54, and 59-62 is 
respectfully requested. 

Furthermore, the Applicants reiterate the arguments from the response to the first non- 
final Office Action, incorporating those arguments by reference, and supplement these 
arguments with the arguments in the previous section relating to the Office's response to 
Applicants' arguments. 

In summary of those combined arguments, both Rioux and Berg fail to disclose or 
suggest recited features of claims 63, 68, and 73, including receipt or use of a "runtime security 
policy," which resides in the context of "rights", load-time security checks, and permissions and 
is a well known term of art in software. Furthermore, as argued above, both Rioux and Berg fail 
to disclose or suggest identifying a subset of the call paths of the call graph recited in claims 63, 
68, and 73 - there is no teaching of subsets of such call paths. 

Claims 64-67 depend from claim 63, claims 69-72 depend from claim 68, and
claims 74-77 depend from claim 73. Claims 63, 68, and 73 are believed to be allowable based
on the foregoing arguments. Accordingly, claims 64-67, 69-72, and 74-77 are believed to be 
allowable for at least the same reasons as their base claims. Therefore, allowance of 
claims 64-67, 69-72, and 74-77 is respectfully requested. 

Conclusion 

The Applicants have fully responded to each and every objection and rejection in the 
Office action dated December 28, 2007 and believe that claims 1-77 are in a condition for 
allowance. Therefore, the Applicants respectfully request that a timely Notice of Allowance for 
claims 1-77 be issued in this case. 

This Amendment and Response to Office Action is submitted with a petition and fee for a 
three-month extension. The Applicants believe no other fees or petitions are due with this filing. 
However, should any such fees or petitions be required, please consider this a request therefor 
and authorization to charge Deposit Account No. 50-0463 as necessary. 

If the Office believes any issues could be resolved via a telephone interview, the Office is 
invited to contact the Undersigned at the telephone number listed below. 

Date: 02/14/2008 Respectfully submitted, 



/Richard J. Holzer, Jr./

Richard J. Holzer, Jr., Reg. No. 42,668 
Attorney for Applicants 
USPTO Customer No. 69316 

HENSLEY KIM & HOLZER, LLC 
1660 Lincoln Street, Suite 3000 
Denver, Colorado 80264 
Tel: 720-377-0770 
Fax: 720-377-0777 